{"id":15615,"date":"2016-08-19T13:22:21","date_gmt":"2016-08-19T17:22:21","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=15615"},"modified":"2016-08-19T17:42:13","modified_gmt":"2016-08-19T21:42:13","slug":"omnifocus-now-supports-end-to-end-encryption","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2016\/08\/19\/omnifocus-now-supports-end-to-end-encryption\/","title":{"rendered":"OmniFocus Now Supports End-to-End Encryption"},"content":{"rendered":"<p><a href=\"https:\/\/www.omnigroup.com\/blog\/omnifocus-now-supports-end-to-end-encryption\">Derek Reiff<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.omnigroup.com\/blog\/omnifocus-now-supports-end-to-end-encryption\">\n<p>But, with our latest updates today (OmniFocus 2.6 for Mac and OmniFocus 2.15 for iOS), your data will be completely encrypted <em>before<\/em> it leaves your device so that it&rsquo;s encrypted <em>on the server itself<\/em>. We&rsquo;re using your sync password to generate a key that encrypts everything as it leaves your device. <em>All encryption and decryption happens locally<\/em>, so your data is always encrypted end-to-end and our server never has access to your encryption key.<\/p>\n<p>[&#8230;]<\/p>\n<p>To make this level of encryption work&mdash;and for other features down the road&mdash;we needed to make some adjustments to our database format.<\/p>\n<p>The releases of OmniFocus out today will periodically check to see if all of your devices are using the latest version. Once they are, you&rsquo;ll be prompted to migrate to the new database format.<\/p>\n<\/blockquote>\n<p>The migration went very smoothly. In fact, they made it so easy that there&rsquo;s little indication that encryption is being used. The local files remain unencrypted, and you&rsquo;re not asked to enter a new password. Here are the <a href=\"https:\/\/www.omnigroup.com\/releasenotes\/omnifocus\/2.6.1\">release notes<\/a> and the open-source <a href=\"https:\/\/github.com\/omnigroup\/OmniGroup\/tree\/master\/Frameworks\/OmniFileStore\">OmniFileStore<\/a>.<\/p>\n<blockquote cite=\"https:\/\/www.omnigroup.com\/blog\/omnifocus-now-supports-end-to-end-encryption\"><p>The guiding principle of today&rsquo;s updates is that the only things which should ever have access to your OmniFocus tasks are devices you own and control: your phone, your Mac, your tablet.<\/p>\n<p>There are a few other things worth remembering: no one at Omni will have the ability to look at or restore your data.<\/p>\n<\/blockquote>\n<p>Presumably you are not protected from nefarious modifications to the server, though, as the password for syncing and logging into their <a href=\"https:\/\/manage.sync.omnigroup.com\">site<\/a> is the same one that secures the encryption key.<\/p>\n<p>Previously: <a href=\"http:\/\/mjtsai.com\/blog\/2016\/05\/12\/proposed-client-side-encryption-in-omnifocus\/\">Proposed Client-side Encryption in OmniFocus<\/a>.<\/p>\n<p>Update (2016-08-19): <a href=\"https:\/\/twitter.com\/kcase\/status\/766751794043117568\">Ken Case<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/kcase\/status\/766751794043117568\"><p>Our next update will let people set a separate encryption password from their sync password.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Derek Reiff: But, with our latest updates today (OmniFocus 2.6 for Mac and OmniFocus 2.15 for iOS), your data will be completely encrypted before it leaves your device so that it&rsquo;s encrypted on the server itself. We&rsquo;re using your sync password to generate a key that encrypts everything as it leaves your device. All encryption [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[31,26,30,32,526,74,355,269],"class_list":["post-15615","post","type-post","status-publish","format-standard","hentry","category-technology","tag-ios","tag-iosapp","tag-mac","tag-macapp","tag-omnifocus","tag-opensource","tag-privacy","tag-syncing"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/15615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=15615"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/15615\/revisions"}],"predecessor-version":[{"id":15623,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/15615\/revisions\/15623"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=15615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=15615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=15615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}